This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing WinGate. The vulnerability is caused due to a boundary error within the handling of POST requests. This may allow execution of arbitrary code by sending an overly long, specially crafted POST request to the proxy server.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing WinComLPD. A remote user can send specially crafted data to TCP port 13500 to trigger a stack overflow and execute arbitrary code on the target system.
An internal memory buffer may be overrun while handling long "SIZE" command. This condition may be exploited by attackers to ultimately execute instructions with the privileges of the WFTPD Server process. The WFTPD Server server will be left inaccessible after successful exploitation.
This module exploits a remote stack-based buffer overflow in AEServer by sending a malformed packet to the 12401/TCP port.
Insufficient sanitization in WebCalendar's /includes/settings.php lead to remote dcode execution.
WarFTPd is a popular FTP server for Windows systems. WarFTPd is vulnerable to a buffer overflow in the way it handles the PASS command. This bug will be exploited in order to install an agent into the target machine. The WarFTPd server will be left inaccessible after successful exploitation.
This vulnerability allows remote attackers to execute arbitrary code on installations of Vermillion FTP Daemon, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error with the handling of PORT commands. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted command passed to the affected server.
NetBackup Java user-interface is affected by a remote format string vulnerability. An attacker can exploit this vulnerability by crafting a malicious request that contains format specifiers. A successful attack may result in crashing the server or lead to arbitrary code execution. This may facilitate unauthorized access or privilege escalation with SYSTEM or superuser privileges.
This module exploits a stack-based buffer overflow in VERITAS Backup Exec Remote Agent 9.0 through 10.0 for Windows, allowing remote attackers to execute arbitrary code via a CONNECT_CLIENT_AUTH request with authentication method type 3 (Windows credentials) and a long password argument. This module only works with localagent set as source.
An internal memory buffer may be overrun while handling long "APPE" command. This condition may be exploited by attackers to ultimately execute instructions with the privileges of the ftpbasicsvr.exe process. UplusFtp server will be left inaccessible after successful exploitation.